False Claims Act Trends And Expected Enforcement Priorities For 2024

(May 13, 2024) - Scott B. McBride and Rasmeet Chahil of Lowenstein Sandler LLP discuss the Department of Justice's priorities and trends for 2024, including efforts relating to the False Claims Act, the Paycheck Protection Program and its Civil Cyber-Fraud Initiative.

The Department of Justice's (DOJ or Justice Department) Civil Fraud Section recently announced that its False Claims Act (FCA) settlements and judgments in 2023 totaled nearly $2.7 billion. "False Claims Act Settlements and Judgments Exceed $2.68 Billion in Fiscal Year 2023," U.S. Department of Justice (Feb. 22, 2024) (hereinafter "Press Release"). The Justice Department also announced its commitment to initiating cases without qui tam relators. In 2023, it initiated 500 such matters, a significant leap from the prior year's total of 305 and significantly above the prior record of self-initiated cases of 340 in 1987.

In addition, the Justice Department has focused its efforts on improper payments under the Paycheck Protection Program (PPP) and its Civil Cyber-Fraud Initiative.

This article will discuss the DOJ's priorities and trends for 2024.

Background

The FCA imposes liability on any company or person (typically a federal contractor) that submits a claim to the federal government that they know (or should know) is false. The FCA is one of the federal government's primary litigation tools in combating fraud against the government. The FCA contains a qui tam provision that allows private citizens, informally known as "whistleblowers," to file suits on behalf of the government.

Qui tam suits have traditionally been an important driver of FCA litigation. This trend has continued, as suits filed by whistleblowers made up 87% of the Justice Department's 2023 recoveries. However, the DOJ's decision to intervene in qui tam cases remains a critical inflection point — 81% of 2023 FCA recoveries were in cases where the government chose to intervene.

On its FCA settlements and judgments, the Justice Department touted this as the "highest number of settlements and judgments in history" — 543 for the year. However, the dollar figure — $2.68 billion — is actually one of the smaller totals in recent history. By way of comparison, from 2010 to 2019, the DOJ's recoveries consistently approached, or exceeded, more than $3 billion each year. The highwater mark was in 2021, when the Justice Department recovered $5.7 billion total.

The press release showed that the relators' bar has also been active; in 2023, 16% of recoveries came from qui tam cases where the government declined to intervene. While this is a return to the norm after the anomaly of 2022 (when 54% of recoveries were in non-intervened cases), it is an increase from prior years, when the percentage of recoveries in non-intervened cases have been in the single digits (e.g., 8% in 2021 and 9% in 2020). A government declination is not the harbinger of a doomed case that it once was.

As with prior years, health care cases accounted for the largest portion of FCA recoveries, with cases targeting managed-care providers, pharmacies, hospitals, physicians, opioids, and unlawful kickbacks. Specifically, the Justice Department highlighted FCA cases regarding the Medicare Advantage (Medicare Part C) program, medically unnecessary services and substandard care fraud, claims related to the opioid epidemic, and claims based on violations of the federal anti-kickback statute.The DOJ also emphasized its enforcement efforts targeting government defense contractors.

Another recent area of focus for the Justice Department has been improper payments under the Paycheck Protection Program (PPP). The PPP was enacted during the COVID-19 pandemic to provide loans guaranteed by the U.S. Small Business Administration (SBA) to eligible small businesses for payroll, rent, utility payments, and other business-related costs. In 2023, the DOJ resolved approximately 270 False Claims Act matters involving PPP loans, recovering over $48.3 million.

In its press release, the Justice Department also highlighted its Civil Cyber-Fraud Initiative, which was announced in October 2021. Under this initiative, the DOJ uses the FCA to hold government contractors liable for violating cybersecurity requirements and/or knowingly misrepresenting their cybersecurity protocols.

For example, Verizon paid $4 million to resolve FCA allegations that it failed to completely satisfy certain cybersecurity controls in connection with an information technology service provided to federal agencies. "Cooperating Federal Contractor Resolves Liability for Alleged False Claims Caused by Failure to Fully Implement Cybersecurity Controls," U.S. Department of Justice (Sept. 5, 2023).

The DOJ's announcement of this settlement was also notable because it discussed the steps that Verizon took to obtain "cooperation credit." The Justice Department's guidance in this area has been limited in the four years since it announced the cooperation-credit policy, but the DOJ noted that "Verizon provided the government with a written self-disclosure, initiated an independent investigation and compliance review of the issues and provided the government with multiple detailed supplemental written disclosures."

Expected DOJ priorities and trends for 2024

Looking forward, health care and life sciences companies, and all who come in contact with federal dollars (including investors), will need to remain diligent with compliance efforts. In Principal Deputy Assistant Attorney General Brian M. Boynton's remarks on the 2023 recoveries, he said that the Justice Department will continue to focus on cybersecurity, pandemic fraud, health care fraud, and the potential role of private equity investors in the conduct of health care entities in 2024 and beyond. "Principal Deputy Assistant Attorney General Brian M. Boynton Delivers Remarks at the 2024 Federal Bar Association's Qui Tam Conference," U.S. Department of Justice (Feb. 22, 2024).

On the cybersecurity front, those who contract with the government will need to pay close attention to cybersecurity requirements and ensure that there are systems in place to detect breaches so that they can be rapidly reported. The Federal Acquisition Regulatory (FAR) Council proposed two rules last fall that would increase cybersecurity requirements for federal contractors. The first proposed rule would "standardize cybersecurity contractual requirements across Federal agencies for unclassified Federal information systems." Proposed Rule, 88 F.R. 68402 (Oct. 3, 2023).

The second proposed rule would require contractors to share information on cyber threats and report cyber incidents to the government within eight hours of discovery. See Proposed Rule, 88 F.R. 68055 (Oct. 3, 2023). In addition to remaining vigilant, companies that do identify violations should take advantage of the DOJ's cooperation policy to mitigate potential liability.

As noted above, pandemic-related fraud kept government investigators busy in 2023.Although many of the pandemic-related fraud cases resulted in relatively small recoveries, the government remains focused on the misuse of COVID-19 pandemic funds. In 2023, federal agencies created interagency task forces and shared information to assist in prosecuting and investigating many of these matters, and these joint efforts undoubtedly will continue.

The DOJ has also recently used the FCA to pursue alleged violations by private equity investors and venture capital funds involving their portfolio companies. In recent cases, the DOJ has taken the position that issues raised during a private equity investor's due diligence of a potential investment that are not immediately corrected are enough to hold an investor liable under the FCA.

For example, private equity firms H.I.G. Growth Partners and H.I.G. Capital (collectively, H.I.G.) and former executives of South Bay Mental Health Center, Inc. (South Bay) agreed to pay $25 million for allegedly causing fraudulent claims to be submitted to federal and Massachusetts health care programs and for failure to stop pre-investment misconduct after investing. "Private Equity Firm and Former Mental Health Center Executives Pay $25 Million Over Alleged False Claims Submitted for Unlicensed and Unsupervised Patient Care," Massachusetts Office of the Attorney General (Oct. 14, 2021).

The relator alleged that, during the due diligence process, H.I.G. learned of South Bay's misconduct and knew or should have known that the conduct continued after the acquisition due to its ongoing management of South Bay. See U.S. ex rel. Martino-Fleming v. South Bay Mental Health Ctr., No. 15-13065 (D. Mass.)

Cases like this one highlight the importance of thorough due diligence for investors, including for FCA risks. It is also important for investors to ensure that the portfolio company's management operates independently and reports to the board of directors. When the corporate form is disregarded, private equity investors are put at higher risk.

Outside of the FCA, the DOJ also recently announced its whistleblower rewards pilot program, which it designed to provide reporting incentives in cases where whistleblowers are not eligible for payment from other government programs. In an address in March, Deputy Attorney General Lisa Monaco said that the Justice Department would create and implement this program over the next 90 days. "Deputy Attorney General Lisa Monaco Delivers Keynote Remarks at the American Bar Association's 39th National Institute on White Collar Crime," U.S. Department of Justice (Mar. 7, 2024).

The program is meant to fill in the gaps where a whistleblower informs the Justice Department of corporate misconduct, but has no existing financial disclosure incentive (such as a qui tam relator's entitlement to payment in an FCA action). Examples of such matters include domestic corruption cases and Foreign Corrupt Practices Act (FCPA) cases involving violations by non-issuers.

The program would only apply to information not previously reported, so that only the first whistleblower in the door would be eligible for a reward. According to the DOJ, this is to encourage companies and individuals to come forward as soon as they are aware of potential misconduct. It remains to be seen whether this will disincentivize whistleblowers to report suspected misconduct internally at the company. If it does, it risks depriving companies of the opportunity to address concerns first.

Originally published on Westlaw Today

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.